Notes for 9/10/2015
Tanner Hall

Identifiers

Public knowledge

Passwords are private

Something I know

Something I posses

Like a debit card

Smart Card




Challenge response system

Problem, someone can steal them
Biometrics
How to protect against remote authentication

Random numbers

Attacks
Eavesdropping


Passively listens
Replay attacks


Dynamic one time password
Something I do



Something I am


Has a micro processor
Replays an authentication sequence
Memory Cards

Can store but do not process data

Most common is the magnetic stripe card

Provides more security with pin number
Smart Cards

Include an embedded microprocessor



Manual interfaces include a keypad and display for interaction

Classified

Static

Time bases

Password
Biometric Authentication

Pattern recognition

More expensive

Characteristics used include

Face

Fingerprints

Hand geometry

Retinal pattern

Iris

Most accurate

Most expensive

Signature

Voice

Least expensive

Lease accurate'
Remote User Authentication

Generally rely on some form of a challenge response to counter threats

Threats

Eavesdropping

Replay attacks

Trojan Horse

Client attacks

Host attacks

Denial of service